Security and high profile sites get 'pwned'

Nigerian scams, chain letters, pyramid schemes and anything not auction related.
User avatar
Foggyone
Site Admin
Posts: 9880
Joined: Sat May 22, 2004 8:16 pm
First Name: Peter
Location: Lower Hutt
Contact:

Poor Old Microsoft

Post by Foggyone » Wed Jan 22, 2014 6:01 pm

Did Microsoft actually put 'get repeatedly pwned by Syrian hackers' on its 2014 todo list?
Another week, and yet another successful compromise of Microsoft's servers by the so-called Syrian Electronic Army. And this time it's Redmond's revamped Office blog that got vandalized.

"A targeted cyberattack temporarily affected the Microsoft Office blog and the account was reset," a spokesperson told El Reg in a statement.

"We can confirm that no customer information was compromised. Microsoft continues to take a number of actions to protect our employees and accounts against this industry-wide issue."

Microsoft relaunched the Office blog on Monday, but in a series of Twitter postings the self-styled Syrian Electronic Army (SEA) mocked Redmond's attempts to keep the dastardly defacers at bay: "Changing the CMS [content management system] will not help if your employees are hacked and they don't know about it."

It's a highly embarrassing development for Microsoft. Last week the SEA successfully got into two official Microsoft Twitter accounts and one blog, and a few days later Redmond was forced to admit that some of its staff email accounts had also been taken over.
How embarrassing. Bugger!
Google, the answer to so many questions!
-----------------------------------------------------


How Bad Is It, Really??

Post by Foggyone » Thu Jan 23, 2014 5:47 pm

Prior posts have detailed the Target breach.

Neiman Marcus has also been breached, but I have seen no details about the extent of this.

So, how prevalent are breaches and theft of data from the retail sector?

Retail is RIDDLED with malware and bots - survey
Analysis of 139 US retailers from November 2013 until 12 January 2014 by net security firm BitSight found 1,035 instances of unique malware infections actively communicating with attackers from inside corporate networks: 7.5 on average per company.

The Trojan Neurevt was by far the most prevalent attack observed in the retail sector during this time period. Neurevt, which exploits Windows systems, steals sensitive data (such as login details) from a compromised machine by modifying the device's settings and preventing security processes from running. Infection with Neurevt grants hackers unfettered access to compromised machines.

Kaptoxa, which is a modified version of a known hacking tool called BlackPOS, has been linked to the fraud at Target. It is but one example of malicious code coming from an expanding production line. Other hacker tools and Trojans suited to attacks involving the compromise of point-of-sale and back-office systems at retailers include Dexter and Alina. Further examples include Dacebal, a new kind of point-of-sale malware that originates from Romania, which is unusual – not least because it is written in VBScript.

Security intelligence firm interCrawler said that Dacebal brings previously unseen features to the retail attack-orientated malware, including compact command-and-control programming routines.
The highlighted info is the real killer. The retail sector is riddled with malware busy feasting on data, if these figures are correct. As always, caution should be used when viewing information of this type, and questions asked about the supplier's involvement in any "cure". In this instance BitSight is involved in the industry and may be pumping the figures for their own (commercial) ends.
-----------------------------------------------------

Neiman Marcus Breach Details

Post by Foggyone » Fri Jan 24, 2014 5:46 pm

1.1 MILLION customers' credit card data was swiped in Neiman Marcus breach

It was the old 'malware on point-of-sale terminal' wheeze again
US luxury retailer Neiman Marcus has confirmed that details from 1.1 million customers' cards were stolen in a recently detected high-profile breach.

Card details were lifted after hackers successfully planted malware on payment systems over a period that ran between 18 July and 30 October last year, far earlier than previously suspected.

Around 2,400 of the compromised credit card details have subsequently been abused to make fraudulent purchases, according to an update by Neiman Marcus on the breach.
Because Neiman Marcus is a luxury goods retailer these cards tend to be of a higher value than run-of-the-mill cards swiped.
-----------------------------------------------------

Coming Soon!

Post by Foggyone » Fri Jan 24, 2014 5:51 pm

To an ATM near you.

95 percent of the world’s ATMs run Windows XP (gulp)
Between evil Chrome extensions and massive data breaches like those suffered by Target recently and Adobe late last year, we have enough security concerns to worry about. However, soon, some of our most important machines may become vulnerable to malware: ATM machines. You know, those things you use to access your bank account and spit money at you.

NCR, the biggest supplier of ATM machines here in the states, says that a whopping 95 percent of the world’s money machines are running Windows XP. Meanwhile, according to Bloomberg Businessweek, roughly 420,000 ATMs call the U.S.A. home, and most of them run XP. Considering that as of April 8 of this year, anything running Windows XP will cease to receive full support from Microsoft, banks and any other business institution that makes ATMs a part of its business, you’d think that these firms would’ve been motivated to upgrade to Windows 7 long before considering Redmond has made the cutoff date plainly public for some time now. However, it is worth noting that Microsoft has recently announced an extension of its anti-malware support to mid-2015.

You might be saying to yourself, “Well, why don’t they just upgrade to Windows 7?” That’s indeed part of the plan, but due to multiple factors, KAL, an outfit that specializes in software for ATM machines, says only 15 percent of U.S.-based ATMs will be running Windows 7 by the time April 8 rolls around.
Going to get interesting
-----------------------------------------------------

Paypal President Pummelled!

Post by Foggyone » Wed Feb 12, 2014 6:15 pm

An amusing story this morning (particularly because it didn't happen to me).

Credit card of PayPal PRESIDENT cloned by UK crooks
PayPal president's credit card got hacked on a UK visit, the victim revealed on Twitter.

David Marcus said that an unidentified criminal used a skimming device and his credit card was cloned before "tons" of fraudulent transactions were made.

The senior executive of the eBay-owned payment processing firm made sure to score a marketing point from the whole unhappy incident, pointing out that if the merchant had accepted PayPal the fraud wouldn't have been possible in the way it apparently happened.
Hmmmmm.
-----------------------------------------------------

University of Maryland

Post by Foggyone » Sun Feb 23, 2014 5:38 pm

Uni of Maryland hacked: 300,000 SSNs of staff, students, alumni swiped
Former and current staff and students at the University of Maryland are going to be getting a free year of credit score protection after hackers slurped the names, social security numbers, dates of birth, and university identification numbers for 309,079 people.

"The University of Maryland was the victim of a sophisticated computer security attack that exposed records containing personal information,"
These things are almost always characterised as "a sophisticated attack". Never what they really are. A failure of systems and people!

Interestingly, this university is a top recruiting ground for that American terrorist group, the NSA! Wonder if that had anything to do with the target selection?
-----------------------------------------------------

360,000,000 Stolen Credentials For Sale

Post by Foggyone » Wed Feb 26, 2014 1:55 am

A cybersecurity firm has reported it's uncovered the theft of credentials from some 360 million accounts and the details are available for sale on cyber black markets.
Holden said he believed the 360 million records were obtained in separate attacks, including one that yielded some 105 million records, which would make it the largest single credential breaches known to date.

He said he believed the credentials were stolen in breaches that have yet to be publicly reported. The companies attacked may remain unaware until they were notified by third parties who find evidence of the hacking, he said.
The massive trove of credentials included user names, which were typically email addresses, and passwords that in most cases were in unencrypted text.
The discovery could represent more of a risk to consumers and companies than stolen credit card data because of the chance the sets of user names and passwords could open the door to online bank accounts, corporate networks, health records and virtually any other type of computer system.
WOW!!
-----------------------------------------------------

Spy Vs Spy

Post by Foggyone » Wed Mar 05, 2014 5:33 pm

This is an odd one to classify. CIA has allegedly been spying on the committee tasked with overseeing them.

CIA snoops snooped on Senate to spy spy torture report – report.
Spies spied on our spy docs, official claims

CIA officers allegedly hacked into the US Senate Intelligence Committee's computers to find out what the oversight committee had found out about its controversial detention and treatment of terror suspects.

The oversight committee had managed to get its hands on unapproved material, or so the CIA feared, the New York Times reports. In response, the agency allegedly went as far as hacking into the Congressional network to find out what it knew and perhaps where the leaked material came from, an unnamed official told the paper.
I'll leave you to make your own conclusions.
-----------------------------------------------------

12 Million Koreans Klobbered

Post by Foggyone » Fri Mar 07, 2014 6:15 pm

Twelve million hit as Korea suffers ANOTHER massive data breach
The South Korean government was forced to launch an inquiry today after another massive data breach rocked the country, this time the theft of account information belonging to 12 million customers of telco KT Corp.

The Incheon Metropolitan Police said on Thursday it arrested two hackers and the CEO of a telemarketing firm last week on suspicion of infiltrating the telco giant’s servers and stealing the data, according to Yonhap.

The data grab apparently went undetected by KT for an entire year with the suspects allegedly snatching up to 300,000 records in a single day. The nabbed details included names, registration numbers and bank account info.
This is the third time in two years that the country’s second biggest carrier has been hit with a major data breach.

In March 2012 internal employees at KT and SK Telecom sold data on 200,000 customers to telemarketers, while in July that year hackers grabbed info on 8.7 million punters and sold it on after breaching a customer sales system.

After the last incident, KT promised to tighten up its security to avoid a repeat.

The news comes just a couple of months after an insider at the Korea Credit Bureau made off with 20 million cardholders’ details.
Korean IT appears to have more holes than Swiss cheese!
-----------------------------------------------------

Target Failure

Post by Foggyone » Fri Mar 14, 2014 5:28 pm

Target IGNORED alarm bells as hackers slurped 40m credit card numbers
Bloomberg Businessweek reports that security technology from FireEye detected the malware-powered hack – but Target staff failed to act on the alerts, only taking action after a warning from federal investigators around two weeks after the initial breach at the end of November.
"On November 30th, according to a person who has consulted on Target's investigation but is not authorized to speak on the record, the hackers deployed their custom-made code, triggering a FireEye alert that indicated unfamiliar malware: malware.binary," Businessweek writes. "Details soon followed, including addresses for the servers where the hackers wanted their stolen data to be sent. As the hackers inserted more versions of the same malware... the security system sent out more alerts, each the most urgent on FireEye's graded scale."

Target's Symantec anti-virus system also flagged up alerts about suspicious activity around the time of the initial breach, which ultimately exposed 70 million pieces of personal information as well as 40 million credit card records.
Stand by for approaching lawyers!
-----------------------------------------------------

Target On His Back

Post by Foggyone » Mon May 05, 2014 7:06 pm

Further to the above story about Target, the CEO gets the bullet.
The CEO of Target is the latest casualty of the big-box retailer's disastrous holiday data breach.

The company said that chief exec Gregg Steinhafel would be leaving the company after 35 years, vacating both the CEO and president roles as well as his seat as chairman of the company's board of directors.

Steinhafel had overseen the company as CEO since 2008 and as president since 2009. According to a Bloomberg profile, Steinhafel joined the company as a trainee in 1979 and rose through the ranks at Target to take over the top role at the retail giant.
This is why.
Subsequent investigations found that Target's corporate management failed to act on warnings issued by the company's network security systems and only moved on the breach when outside investigators noticed suspicious activity. The breach was eventually traced to a network intrusion at a third-party contractor.
Let's put systems in place, then ignore the red flags.
-----------------------------------------------------

Sacré Bleu

Post by Foggyone » Thu May 08, 2014 6:54 pm

Orange France hacked AGAIN, 1.3 million victims seeing red
Personal data describing 1.3 million customers of Orange France has been stolen in the second hack to hit the telco this year.

Hackers made off with subscriber names, dates of birth and phone numbers of about 4.9 percent of the telco's subscriber base.
The hack came a little over two months after 800,000 customer details were stolen by hackers raiding the telco's 'My Account' page. Crims made off with names, email and street addresses, customer IDs, and phone numbers.

In September, hackers attacked Vodafone Germany making off with names, addresses and bank details of two million subscribers.
Telcos are fertile fields for hackers, and then phishers.
-----------------------------------------------------

Ebay's Turn Now

Post by Foggyone » Wed May 21, 2014 7:10 pm

Ebay has been hacked! Change your password.

Isn't it all too familiar?

eBay Hacked, Urges All Members to Change Passwords Immediately

The story is light on facts.
Happened between February and March
Access was gained using hijacked staff accounts (another source for this information)
Spotted two weeks ago (about 3 months after it happened)
No fraud has been seen yet.

Best advice. Change your password. Go to ebay.com, click on Myebay link at top right, log in and change your password.

You weren't going to use the link in the above story, were you??? Surely not, you know better than that.

Update 23 May.

Appears details of 145,000,000 (one hundred and forty five million) accounts have been swiped.
Details of how passwords were secured have still to surface. Ebay claims they have secured the passwords in some manner, but whether this is secure is still to be determined.
-----------------------------------------------------

Avast, me hearties!

Post by Foggyone » Tue May 27, 2014 7:44 pm

Antivirus firm Avast! has 'fessed up to a breach.

Shouldn't be too serious, except for the old "shared passwords" problem.
-----------------------------------------------------

US Army Today

Post by Foggyone » Sat Jun 07, 2014 2:02 am

The US army in South Korea has been raided and the records of 16,000 personnel stationed there, plus an undisclosed number of locals, have been stolen.

The army PR machine has put out a bulletin in its usual soothing tones seeking to minimise the theft.

Read about it here.